/*
脚本说明:用户权限维护，给用户添加权限。
程序员:
*/

//脚本唯一关键字,通过该关键字找到对应脚本，每个脚本必须有该描述。
var v_script_id = 'authuserinfos_5';
//脚本状态,0:该脚本不许执行，1:该脚本可以执行
var v_status = '1';

//脚本逻辑写在run语句之间
if (run && action.getAuthority().is(5,"9")){
	var user = action.getSession().getAttribute("user");
	var authid = action.form.getInteger('authid');
	var checkids_user = action.form.getString('checkids_users');
	var checkids_kinds = action.form.getString('checkids_kinds_user');
	var checkids_dynanode = action.form.getString('checkids_dynanode_user');
	action.errorCode = 0;
	//h_auth_dyna_user_infos
	var arrkinds = checkids_kinds.split(',');
	var arrnodes = checkids_dynanode.split(',');
	var arruser =  checkids_user.split(',');
	for(i=0; i<arrkinds.length; i++){
		for(j=0; j<arrnodes.length; j++){
			for(k=0; k<arruser.length; k++){
				//查看这个角色在这个节点上是否有指定权限。
				if(user.getRolekind()>=3){
					sql = " select count(id) from v_auth_all where  authid = " + 
						authid + " and pcolvalue = " + arrnodes[j] + 
						" and kind = " +arrkinds[i] ;
					if (user.getRoleids('roleid','or') == null){
						sql += ' and userid = '+ user.getId() ;
					}else{
						sql += ' and (' + user.getRoleids('roleid','or') + ' or userid = '+ user.getId() +')';
					}
					//println(sql);
					if( action.dbUtil.getSampleIntegerValue(sql) == 0 ) continue;
				}
				
				sql = "select count(id) from h_auth_dyna_user_infos where authid = " + 
					authid + " and pcolvalue = " + arrnodes[j] + " and authkind = " +
					arrkinds[i] + " and userid = " + arruser[k] ;
				if( action.dbUtil.getSampleIntegerValue(sql) == 0 ){
					sql = "insert into h_auth_dyna_user_infos(id,authid,pcolvalue,authkind,userid) " +
						" values(h_auth_dyna_user_info_seq.nextval,"+authid+","+arrnodes[j] +","+arrkinds[i]+"," + arruser[k] + ")";
					if(action.dbUtil.update("",sql)==0) 
					{
						action.errorCode = 2;//数据库操作失败
						action.retString = '数据库操作失败';//错误文字说明
					}  
				}
			}
		}
	}
	//刷新权限分配缓存
	if (action.errorCode ==0){
		com.handy.plugin.auth.TAuthCache.getInstance().loadAuthDynaUserInfos();
	}
}